exploitDog

CVE-2022-50681

Опубликовано: 18 дек. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

A reflected cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via administration input fields in the Rich text editor component. Attackers can exploit this vulnerability to execute arbitrary scripts in users' browsers.

Ссылки

https://devnet.kentico.com/download/hotfixes
Product
https://www.vulncheck.com/advisories/kentico-xperience-rich-text-editor-reflected-xss
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kentico:xperience:*:*:*:*:*:*:*:*

Версия до 13.0.88 (включая)

EPSS

Процентиль: 13%

0.00043

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-fgg3-677x-v53c

CVSS3: 5.4

github

около 2 месяцев назад

A reflected cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious scripts via administration input fields in the Rich text editor component. Attackers can exploit this vulnerability to execute arbitrary scripts in users' browsers.

EPSS

Процентиль: 13%

0.00043

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79